CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 5CVE-2022-2639 – kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
https://notcve.org/view.php?id=CVE-2022-2639
01 Sep 2022 — An integer coercion error was found in the openvswitch kernel module. • https://github.com/bb33bb/CVE-2022-2639-PipeVersion • CWE-192: Integer Coercion Error CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-24106 – Gentoo Linux Security Advisory 202405-18
https://notcve.org/view.php?id=CVE-2022-24106
30 Aug 2022 — In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc. • http://www.xpdfreader.com/security-fixes.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-24107 – Gentoo Linux Security Advisory 202405-18
https://notcve.org/view.php?id=CVE-2022-24107
30 Aug 2022 — Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc. • http://www.xpdfreader.com/security-fixes.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2022-38784 – poppler: integer overflow in JBIG2 decoder using malformed files
https://notcve.org/view.php?id=CVE-2022-38784
30 Aug 2022 — Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). ... Esto es similar a la vulnerabilidad descrita por CVE-2022-38171 en Xpdf An integer overflow issue was discovered in Popplers' JBIG2 decoder in the JBIG2Stream::readTextRegionSeg() function in JBIGStream.cc file. This flaw allows an attacker to trick a user into opening a malformed PDF file or JBIG2 image in the application, triggering a... • http://www.openwall.com/lists/oss-security/2022/09/02/11 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-20224 – Ubuntu Security Notice USN-5736-1
https://notcve.org/view.php?id=CVE-2021-20224
25 Aug 2022 — An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. • https://github.com/ImageMagick/ImageMagick/commit/5af1dffa4b6ab984b5f13d1e91c95760d75f12a6 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-20304 – Gentoo Linux Security Advisory 202210-31
https://notcve.org/view.php?id=CVE-2021-20304
23 Aug 2022 — A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability. Se ha encontrado un fallo en la funcionalidad hufDecode de OpenEXR. Este fallo permite a un atacante que pueda pasar un archivo diseñado para ser procesado por OpenEXR, desencadenar un error de desplazamiento a la derecha no definido. • https://access.redhat.com/security/cve/CVE-2021-20304 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-38171 – Gentoo Linux Security Advisory 202405-18
https://notcve.org/view.php?id=CVE-2022-38171
22 Aug 2022 — Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). • http://www.openwall.com/lists/oss-security/2022/09/02/11 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-36008 – Message length overflow in frontier
https://notcve.org/view.php?id=CVE-2022-36008
19 Aug 2022 — Frontier is Substrate's Ethereum compatibility layer. A security issue was discovered affecting parsing of the RPC result of the exit reason in case of EVM reversion. In release build, this would cause the exit reason being incorrectly parsed and returned by RPC. In debug build, this would cause an overflow panic. No action is needed unless you have a bridge node that needs to distinguish different reversion exit reasons and you used RPC for this. • https://github.com/paritytech/frontier/commit/fff8cc43b7756ce3979a38fc473f38e6e24ac451 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.0EPSS: 0%CPEs: 12EXPL: 0CVE-2022-2625 – postgresql: Extension scripts replace objects not belonging to the extension.
https://notcve.org/view.php?id=CVE-2022-2625
18 Aug 2022 — Issues addressed include integer overflow and remote SQL injection vulnerabilities. • https://bugzilla.redhat.com/show_bug.cgi?id=2113825 • CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-2335 – Softing Secure Integration Server Integer Underflow
https://notcve.org/view.php?id=CVE-2022-2335
17 Aug 2022 — The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. • https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html • CWE-191: Integer Underflow (Wrap or Wraparound) •